Application programs often use verification codes to identify whether information, such as usernames and passwords, is inputted by legitimate users, or by attackers using a computer in continuous attempts to crack a legitimate user's username and password. A verification code may include random characters displayed to a user in an image, which the user then enters. Alternatively, a verification code may include a question displayed to a user in an image, and a user can enter the answer to the question. Since attackers are unable to enter the correct information by computer, verification codes may be used to distinguish whether the information entered is from legitimate users or attackers.
In the conventional technology, verification codes may be made more secure by adding visual noise and distortion to the random characters or increasing the difficulty of the questions. However, employing these measures often has a negative effect on the user experience, as the random characters or questions may be difficult for legitimate users to distinguish or answer. Particularly for mobile device users, due to the fact that inputting information on mobile devices is less easy, user experience is negatively impacted by the conventional verification measures.